CVE-2024-58002
Published: Feb 27, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that started the operation. That pointer will be used when the device is done. Which could be anytime in the future. If the user closes that file descriptor, its structure will be freed, and there will be one dangling pointer per pending async control, that the driver will try to use. Clean all the dangling pointers during release(). To avoid adding a performance penalty in the most common case (no async operation), a counter has been introduced with some logic to make sure that it is properly handled.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected e5225c820c057537dc780244760e2e24c7d27366 - < 2a29413ace64627e178fd422dd8a5d95219a2c0baffected e5225c820c057537dc780244760e2e24c7d27366 - < 653993f46861f2971e95e9a0e36a34b49dec542caffected e5225c820c057537dc780244760e2e24c7d27366 - < 117f7a2975baa4b7d702d3f4830d5a4ebd0c6d50affected e5225c820c057537dc780244760e2e24c7d27366 - < ac18d781466252cd35a3e311e0a4b264260fd927affected e5225c820c057537dc780244760e2e24c7d27366 - < 4dbaa738c583a0e947803c69e8996e88cf98d971+3 more versions |
Linux | Linux | affected 4.19unaffected 0 - < 4.19unaffected 5.4.291 - <= 5.4.*unaffected 5.10.235 - <= 5.10.*unaffected 5.15.179 - <= 5.15.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now